Have problem with LDAP connection

0 votes
1 view

Dear all,

I followed this documentation for LDAP connection

https://knowage-suite.readthedocs.io/en/7.2/installation-guide/advanced-configuration.html#ldap-security-connectors

I am not able to implement LDAP connection on Knowage 7.1.7 and facing difficulties to integrate the LDAP connection

knowage.log

http-nio-8080-exec-7] 30 Nov 2020 15:41:14,396 ERROR it.eng.spagobi.commons.services.LoginModule.service:219 - userName/pwd uncorrect
[http-nio-8080-exec-2] 30 Nov 2020 15:42:01,071 ERROR it.eng.spagobi.security.LdapSecurityServiceSupplier.checkAuthentication:81 - UserName username@domainname.com not found into database. Returning [null] as user profile
[http-nio-8080-exec-2] 30 Nov 2020 15:42:01,078 ERROR it.eng.spagobi.commons.services.LoginModule.service:219 - userName/pwd uncorrect
[http-nio-8080-exec-5] 30 Nov 2020 15:43:19,143 ERROR it.eng.spagobi.security.LdapSecurityServiceSupplier.checkAuthentication:81 - UserName domain\username not found into database. Returning [null] as user profile
[http-nio-8080-exec-5] 30 Nov 2020 15:43:19,145 ERROR it.eng.spagobi.commons.services.LoginModule.service:219 - userName/pwd uncorrect

Steps done:

1- Created ldap.properties file

INITIAL_CONTEXT_FACTORY = com.sun.jndi.ldap.LdapCtxFactory
PROVIDER_URL = ldap://xxx.xx.xx.xx:389
SECURITY_AUTHENTICATION     = simple
DN_PREFIX = CN=
DN_POSTFIX = ,ou=xxxx,dc=xxx,dc=xxx,dc=xxx
SEARCH_USER_BEFORE = true
SEARCH_USER_BEFORE_USER = 
SEARCH_USER_BEFORE_PSW = 
SEARCH_USER_BEFORE_FILTER   = (&((objectclass=Person))(samAccountName=%s)) 

2- edit value in setenv.sh to 

export JAVA_OPTS="-Xms1024m -Xmx8192m -Dldap.config=/home/knowageusr/Knowage-Server-CE/resources/ldap.properties"

3- changed the value of SPAGOBI.SECURITY.USER-PROFILE-FACTORY-CLASS.className to it.eng.spagobi.security.ProfiledLdapSecurityServiceSupplier

Environment knowage 7.1.7, Ubuntu 18.04
asked Dec 1, 2020 in General Configuration by smily99 (210 points) | 1 view

1 Answer

0 votes

Hi smily99,

the documentation you followed is related to Knowage 7.2. Properties starting with the SEARCH_USER_BEFORE prefix, set in the ldap.properties file, are not managed in Knowage 7.1.

However, the LDAP connection works fine if the user is registered in the Knowage database.

So, make sure you have a user in your Knowage database with:

  • user_id = username@domainname.com
  • password = the same password as the ldap user

This way both LDAP authentication and role checking in Knowage will work.

Also, I would like to point out that a new version of Knowage with more features is available. I recommend that you upgrade to take advantage of it.

Greetings.

Alberto

answered Apr 8, 2021 by albnale (6,760 points)

Dear Alberto Nale,

thank you for the comment. However, i am still facing the same issue not able to connect the application to the AD using the same ldap.property file . Also, i have created the suggested plan from you 

  • user_id = username@domainname.com
  • password = the same password as the ldap user
I have created the user with the same password to knowage databbase and when i try to authenticate the system using this user it is not working 
Please advice
commented Aug 4, 2021 by smily99 (210 points)
Hi smily99,

do you mean Active Directory by AD?

Also, can you provide me the Knowage log so I can investigate the error?

Thank you.

Greetings
Alberto
commented Aug 5, 2021 by albnale (6,760 points)
Dear

Yes, i meant by AD is Active Directory

[http-nio-8080-exec-2] 13 Jul 2021 23:19:09,536 ERROR it.eng.spagobi.security.InternalSecurityServiceSupplierImpl.checkAuthentication:99 - UserName not found into database
[http-nio-8080-exec-2] 13 Jul 2021 23:19:09,539 ERROR it.eng.spagobi.commons.services.LoginModule.service:219 - userName/pwd uncorrect
[http-nio-8080-exec-3] 13 Jul 2021 23:23:15,889 ERROR it.eng.spagobi.commons.services.LoginModule.service:219 - userName/pwd uncorrect
[http-nio-8080-exec-9] 13 Jul 2021 23:23:28,975 ERROR it.eng.spagobi.commons.services.LoginModule.service:219 - userName/pwd uncorrect
~
commented Aug 31, 2021 by smily99 (210 points)

Hi smily99,

Knowage provides integration with Azure Sign-In for authentication purposes starting from version 7.4. If you want to log in to Knowage using your Azure account, please follow the instructions in the documentation at https://knowage-suite.readthedocs.io/en/7.4/installation-guide/azure-signin-integration.html.

Greetings,
Alberto

commented Sep 2, 2021 by albnale (6,760 points)
Welcome to Knowage Q&A, where you can ask questions and receive answers from other members of the community.

Most popular tags

1,555 questions
1,017 answers
2,038 comments
2,568 users